- Microsoft, Facebook, and Snapchat logins exposed in public database with 184 million records
- Credentials for banks, health services, and government portals found across numerous countries
- Emails, passwords, and direct login links could be accessed by anyone online
Login credentials for Microsoft, Facebook, Google, and dozens of other platforms were found in a public, unsecured database, raising concerns about targeted phishing campaigns and identity theft.
The discovery was made by Jeremiah Fowler, a security researcher known for tracking down exposed databases.
This unsecured data dump had over 184 million unique records containing emails, usernames, passwords, and direct login URLs to everything from email providers and Microsoft services to Instagram, Roblox, and more.
Attribution troubles
Fowler said he also found credentials linked to banking and financial platforms, health services, and government portals spanning “numerous countries.”
To verify the data, he reached out to some of the email addresses listed, and confirmed that at least a portion of the exposed information was real.
The implications are severe: anyone with access to the database could quietly take over accounts, steal personal information, or launch highly targeted phishing attacks.
Fowler says the IP address indicated that the database was connected to two domain names – one parked and unavailable, and the other unregistered and available for purchase.
The Whois registration was set to private, making it impossible to identify the true owner of the database. Fowler managed to reach out to the hosting provider, and soon after public access was restricted.
The provider did not disclose the information about the owner.
With that in mind, Fowler says it’s difficult to determine if the database was generated by a malicious actor, or a legitimate one. Still, he leans towards the former, claiming to have seen “multiple signs” the data was harvested with infostealers.
Infostealers are usually distributed via phishing, malicious websites, or tainted updates. They can harvest sensitive information from the compromised device, including passwords stored in browsers, important PDF files, cryptocurrency wallet information, and more.
Once crooks get access to email accounts, they can use them to launch convincing phishing attacks, or steal even more data.
In fact, Fowler argues that many people “treat their email accounts like free storage” and keep years’ worth of sensitive documents inside.
Via Website Planet
